Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2017-6996

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a priv... Read more

    Affected Products : iphone_os tvos watchos
    • EPSS Score: %0.68
    • Published: May. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2012-3841

    Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ehtrace.dll that is located in the current working directory.... Read more

    Affected Products : kmplayer
    • EPSS Score: %1.07
    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-17408

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a mal... Read more

    Affected Products : internet_security_2018
    • EPSS Score: %6.34
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2008-5525

    ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no exten... Read more

    Affected Products : internet_explorer clamav
    • EPSS Score: %0.40
    • Published: Dec. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5528

    Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a... Read more

    Affected Products : internet_explorer esafe
    • EPSS Score: %0.12
    • Published: Dec. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5532

    Ikarus Virus Utilities T3.1.1.45.0 and possibly T3.1.1.34.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the fil... Read more

    Affected Products : internet_explorer ikarus_antivirus
    • EPSS Score: %0.29
    • Published: Dec. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5535

    Norman Antivirus 5.80.02, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2)... Read more

    • EPSS Score: %0.31
    • Published: Dec. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3947

    Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows remote attackers to cause a denial of service (process crash or device reboot) or possibly execute arbitrary code via a long USER command, as demonstrated by a command ending with many spa... Read more

    Affected Products : tandberg_mxp_endpoints
    • EPSS Score: %4.97
    • Published: Nov. 16, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5691

    Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX control 1.0.0.7 allows remote attackers to execute arbitrary code via a long argument to the SetID method.... Read more

    Affected Products : flashax
    • EPSS Score: %5.98
    • Published: Dec. 19, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3285

    The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters.... Read more

    Affected Products : filesys_smbclientparser
    • EPSS Score: %4.30
    • Published: Jul. 24, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-8150

    The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the la... Read more

    • EPSS Score: %0.09
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8243

    A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Aug. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2018-5359

    The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow.... Read more

    Affected Products : sysgauge
    • EPSS Score: %29.26
    • Published: Jan. 23, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2192

    Untrusted search path vulnerability in RW-5100 tool to verify execution environment for Windows 7 version 1.1.0.0 and RW-5100 tool to verify execution environment for Windows 8.1 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL... Read more

    Affected Products : rw-5100
    • EPSS Score: %0.24
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2242

    Untrusted search path vulnerability in Flets Setsuzoku Tool for Windows all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : flets_setsuzoku_tool
    • EPSS Score: %0.14
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2266

    Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : filecapsule_deluxe_portable
    • EPSS Score: %0.14
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2268

    Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : filecapsule_deluxe_portable
    • EPSS Score: %0.14
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2012-4710

    Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with... Read more

    Affected Products : wonderware_win-xml_exporter
    • EPSS Score: %0.46
    • Published: Apr. 04, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-6447

    Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail MailStore ActiveX control allows remote attackers to execute arbitrary code via a long first argument to the CreateStore method.... Read more

    Affected Products : easymail_mailstore_object
    • EPSS Score: %8.66
    • Published: Mar. 09, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4755

    Multiple stack-based buffer overflows in Mercury Audio Player 1.21 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .b4s or (2) .pls playlist file.... Read more

    Affected Products : audio_player
    • EPSS Score: %7.01
    • Published: Mar. 29, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 291573 Results